Corporate networks are often filled with sensitive data in the form of confidential emails, company-private documents, personally identifying information, financial information, and more. Ensuring that this data is kept secure may be very important for both a company's reputation and for its success. Companies may have data loss prevention (DLP) policies to ensure that sensitive data is handled correctly. DLP policies may include different rules for different applications. A document editor may be allowed to access files that a file transfer program may be denied access to. In order to enforce DLP policies correctly, it may be very important to differentiate between applications.
Many computing devices now feature sandboxes, applications which isolate other applications from the main operating system. Sandboxes may have many benefits, but they may also obscure which application is accessing a file. Traditional systems for enforcing DLP policies may not be capable of differentiating between applications within a sandbox, and as a result, may incorrectly enforce DLP rules on sandboxed applications. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for enforcing data loss prevention policies on sandboxed applications.